Discover and Manage Shadow IT

Modified on Mon, 11 Dec 2023 at 01:48 AM

Josys can help IT admins conquer shadow IT and reduce SaaS sprawl by leveraging Google Workspace integration and Josys Browser Extension. We provide visibility to unmanaged or unapproved apps, as well as their usage to IT administrators.

How it works

Shadow IT Detection (SID) is available to all organizations that have integrated their Google Workspace with the appropriate scopes to read Google audit logs or they have enabled Josys browser extension.

The following screen will appear until the apps are discovered and presented:

At present, the information from Google Audit logs and Josys Browser extension are collected and analyzed every day.  
Note: We present App data for curated SaaS business apps that are part of our ever-growing Josys Cloud App Dictionary.

App Usage information is presented in these sections:  Discovered Apps, Managed Apps, and People Details

All discovered SaaS apps will be visible in the "Discovered Apps" section, along with information such as the number of accounts, source, and last used date, as shown below.

When clicked on Discovered Apps, you will see account-level information, including the number of app times app was used and the last used date, as shown below.

You can choose to integrate an app that is presented as an “Integrable App” and manage it going forward. If an app is presented as a “Trackable App” you can choose to track it going forward.

The “Managed Apps” section will display usage information for apps that are already integrated. For example, the screenshot below shows that the Slack app has been integrated 24 accounts provisioned, but only 2 users are discovered to be actively using it based on Google Workspace and Josys browser extension as the discovery source.

The "App Usage” in the People Details section will display the usage of all apps that have been provisioned by the IT admin or discovered based on Google Workspace and Josys Browser extension as the discovery source.

Q1: What is Shadow IT? 
A: The term "Shadow IT" describes the unauthorized usage of software, SaaS apps, or IT resources by the employees within an organization without the approval or knowledge of IT department. Data security, compliance, and governance are all at risk.

Q2: How can Josys help detect Shadow IT? 
A: The Josys manages and tracks unauthorized app access within the organization and discovers the apps used by using the organization’s login credentials. The apps usage history and activity are fetched from Google Audit Logs by integration with Google Workspace. IT Admin can identify such apps by looking through these logs and using Google Workspace as a source of discovery for Shadow IT detection. Although usage will be capped at the number of login attempts, which can be precisely counted using the cloud app cookie policy access through Google audit logs will remain accurate.

Q3: Do all of the Google Workspace instances serve as discovery sources?
A: Yes, every Google Workspace integration will be taken into account as a source of discovery.

Learn more about Google Workspace Integration and Browser Extension.

Was this article helpful?

That’s Great!

Thank you for your feedback

Sorry! We couldn't be helpful

Thank you for your feedback

Let us know how can we improve this article!

Select atleast one of the reasons
CAPTCHA verification is required.

Feedback sent

We appreciate your effort and will try to fix the article